Unrated severityNVD Advisory· Published Jun 23, 2006· Updated Apr 16, 2026

CVE-2006-3168

Description

SQL injection vulnerability in CS-Forum before 0.82 allows remote attackers to execute arbitrary SQL commands via the (1) id and (2) debut parameters in (a) read.php, and the (3) search and (4) debut parameters in (b) index.php.

Affected products

Comscripts/Cs Forum
cpe:2.3:a:comscripts:cs-forum:*:*:*:*:*:*:*:*
Range: <=0.81

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

secunia.com/advisories/20534nvdVendor Advisory
www.acid-root.new.fr/advisories/csforum081.txtnvdVendor Advisory
securityreason.com/securityalert/1124nvd
www.comscripts.com/scripts/php.cs-forum.643.htmlnvd
www.osvdb.org/26382nvd
www.osvdb.org/26383nvd
www.securityfocus.com/archive/1/436789/100/0/threadednvd
www.vupen.com/english/advisories/2006/2314nvd
exchange.xforce.ibmcloud.com/vulnerabilities/27176nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.001
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000